Date: Mon, 02 Oct 2000 12:54:46 -0600 From: Brett Glass <brett@lariat.org> To: Dan Debertin <airboss@bitstream.net> Cc: security@FreeBSD.ORG Subject: Re: ftpd bug in FreeBSD through at least 3.4 Message-ID: <4.3.2.7.2.20001002124915.00d51820@localhost> In-Reply-To: <Pine.LNX.4.21.0010021331250.1161-100000@dmitri.bitstream.n et> References: <4.3.2.7.2.20001002113441.04932240@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:42 PM 10/2/2000, Dan Debertin wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >I realize that there have been quite a few advisories related to wu-ftpd >lately. However, looking at the example you quote below, it looks as if it >is the Linux FTP _client_ that is SEGVing, not the server. Would a server >tell the remote end that it has segfaulted? No. Run strace on your ftp >client, and you'll see the SEGV. Just looked at this, and you seem to be correct. The message does, for some reason, seem to be originating in the client. This means that while there is a bug it is not likely to be exploitable. Whew! --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20001002124915.00d51820>